OK, I'll start from the top:

My laptop sits on the stand next to the couch where the GF and I watch TV. Besides the normal browsing and such, we use it to research actors when they come up in shows and movies or simply to expand on information on the news. It's the "what other show was that person in" or "what do they look like now" kind of situation.

Every once in a while we get inadvertently re-directed to a porn site when searching for images on Google and I always just click "back" to return to the search. Anyway, this happened yesterday and I didn't think anything about it - just continued with my browsing as usual.

At 5:30PM yesterday, I got a call from the CC company saying there was suspicion of fraudulent activity and they ran down the charges from the day. I recognized 2 of the 5 listed and here are the 3 I did not recognize:

$68.95 supportnf.com 514-529-7833
$54.95 epoch 800-893-8871
$95.40 la touraine 800-935-5771

After some Google research, I've determined that these are "billing services" of some sort that handle billing for various customers, some of which appear to be porn sites.

So the bottom line is this:

I'm not a purposeful browser of porn sites.
I've NEVER entered my CC number into a porn site for any reason.
This has never happened before in all the years I've been using this computer.
My CC number is not stored on this computer (as far as I know).

I ran a spyware check and found a variety of cookies but no real red flags. All of my virus and spyware protection is up to date.
No keyloggers are detected.

So my question is: How would a casual mis-direction precipitate a charge on my credit card? True, I have placed orders on this computer to places like Amazon but how in the world would a site be able to glean enough info about me and my card to make a charge? Where is this info coming from?

Most importantly, what can I do to prevent this in the future?

__________________
-Evan


Benz Fleet:
1968 UNIMOG 404.114
1998 E300
2008 E63


Non-Benz Fleet:
1992 Aerostar
1993 MR2
2000 F250

let me guess, your G/F is reading this?

dude.. fess up

__________________
So many Women so little duct tape.

I think it was just a coincidence. There is no surefire way to prevent rogue sites, but you may want to use AVG free if you aren't already. It works well at identifying bad sites and will warn you when you try to access them.

__________________
99 ML320
94 SL600
92 SL500
95 E320 Cabriolet
87 560SEC
86 300SDL Grease Car
80 380SLC Euro

13 Fiat Abarth
02 Maserati Spyder Cambiocorsa
00 BMW Z3
90 Rolls Royce Silver Spur
80 Ferrari 308 GTSI
88 Jaguar XJS12 H&E Edition
99 Land Rover Discovery

There are stegonographic "traps" in which code can be inserted in a photo, especially a bitmap. It could be a goofy one, a car, a girl, anything...it could be a video. When you click on the photo it moves from the photo to the RAM, from there...the sky is the limit.

If your PC includes any ID info or CC info on anything, it can search your PC and send it back. Some get used, some not, depending on the info collected.


Usually AVG, Avira and Malware Bytes can identify these and then you decide to quarantine or delete.

__________________
Strelnik
Invest in America: Buy a Congressman!

1950 170SD
1951 Citroen 11BN
1953 Citroen 11BNF limo
1953 220a project
1959 180D
1960 190D
1960 Borgward Isabella TS 2dr
1983 240D daily driver
1983 380SL
1990 350SDL daily driver alt
3 x Citroen DS21M, down from 5
3 x Citroen 2CV, down from 6

Someone may be fraudulently using your credit card information, but that doesn't necessarily mean that said information was acquired as a result of something you did using your computer (e.g., picking up malware from a web site, or entering credit card information through a bogus payment processing page).

Another possibility is that your credit card information was "skimmed".

Another possibility is that your credit card information was "skimmed".[/

i do believe that to be true as well - jz

I have on one occasion found what I thought to be a fraudulent charge on a credit card statement. If I recall correctly, it was for $4.95. When I looked up the "merchant", it was a web site that purported to be a seller of web page templates. A little digging on Google turned up LOTS of people who were also getting mysterious $4.95 charges from the same outfit (with whom they, as I, had never knowingly done business).

I told my credit card company about the charge, and they took care of it quickly and quietly; no detailed follow-up, and no recommendation from them to kill that credit card number.

Again, a little Google research will turn up plenty of discussions of sites that purported to be sellers of web templates, eBooks, etc. - but appeared upon closer examination to really just be fronts for receiving fraudulent credit card payments.

There have to be plenty of folks out there who won't notice an oddball $4.95 charge on their statement. In your case, they're obviously being bolder!

Actually there is:

I use Firefox with Adblock plus and no script. The duo is nearly bullet proof and I have never run into problems as of writing this (knock on wood).

I thought I was the only one who did this when watching Cinemax! I use google image search all of the time and I never run into porn sites when searching for actors online.

Are you sure your computer doesn't have any malicious code on it? Download and run Malware Bytes just for the heck of it.

I'm going to disagree with you on this. A virus would need to be able to take advantage of the JPEG or Bitmap decoding process which has happened before on Windows XP. This has been patched long ago since this is a very old exploit.

For a stenography type style of attack to occur in a picture something needs to decode the information. Like I said I highly doubt that this was a virus in the form of pictures.

It's probably something a lot simpler then this. I really think it was just some guy skimming at a restaurant.

Contest the charges and get a new card. Shouldn't be that much of a hassle and in my experience with charge backs are incredibly helpful when it comes to issues like this.

__________________
-Typos courtesy of my mobile phone.

Try not to run Windows as Administrator. Create a user account without admin rights and run under that user.

Create a new Admin user under a different name and transfer admin rights to that user then remove the old admin user - if you are particularly paranoid.

Ditto on the AVG. Nice tool.

Be aware of opt out stuff when doing online purchases. Always look at the whole page... scroll down even and uncheck those boxes!

Use Firefox and clear that personal information Delete those cookies! Only allow cookie's creator to access said cookie.

Clear unnecessary temporary files on your computer. Do NOT store your CC number on your computer and do NOT use remember me passwords.

Don't click anywhere - even an X on an online add. If you do, you've already gave them carte blanch to install software and junk on your machine. The aforementioned running in Admin mode makes this possible.

__________________
Codifex
1981 240D ChinaBlue (Got her running with a donor engine.)
1983 300DTurbo w/sunroof.
1984 300TD manual sunroof. (Electrical Gremlins)

You can also turn google safe search on.

__________________
99 ML320
94 SL600
92 SL500
95 E320 Cabriolet
87 560SEC
86 300SDL Grease Car
80 380SLC Euro

13 Fiat Abarth
02 Maserati Spyder Cambiocorsa
00 BMW Z3
90 Rolls Royce Silver Spur
80 Ferrari 308 GTSI
88 Jaguar XJS12 H&E Edition
99 Land Rover Discovery

I know that perhaps a lot of people will disagree but if I pay on line I use PayPal ONLY and paying using checking account. It is fast secured and PayPal stand by any error. I have to dispute some charges twice for the last 5 years and everything was resolved within 24 hours. More and more online sites offered PayPal as option for payment.

__________________
http://i680.photobucket.com/albums/v...7/scotflag.gif http://i680.photobucket.com/albums/v.../scot2flag.gif

"If women are so bloody perfect at multitasking how come they can't have a headache and sex at the same time?"
Billy Connolly

Nothing wrong with using paypal to facilitate an online transaction. I would however if you're purchasing something through ebay to use a debit/credit so if you do have a problem with a seller or buyer being a deadbeat you can force paypal to be your friend more quickly if you bring in your card processor.

__________________
-Typos courtesy of my mobile phone.

Same thing happened to me three years ago come May. Over $300 charged on May 7th & 8th. One of the billers, had their number listed - 800 BILL.COM or something like that, so I called. It was a dozen charges ranging from $1.95 to $59.00 all to porn sites. I attributed it to my use of AOL at the time. The account was less than a month old and the only on-line uses of it were to make an Easy-Pass payment and to purchase some portable XM kit from myradiostore.com..

__________________
Sharing my partner's 2012 Forte 5dr SX til I find my next 123 or 126..
-
Do I miss being a service advisor ???

I have not had this happen before but something similar. Large charges (larger than the ones you listed) being charged without my knowledge and the CC company calling to ask if I was making the charges. This was all after a vacation out to Colorado. Luckily they covered it and I was told that this was only allowed to happen 2 times before they would cancel my card? Like it was my fault?

Keep us posted on how it turns out... I am curious.



Yep! And I am one of them! BIG NEGATIVE on that one. I rarely use PayPal anymore and use credit cards instead due to several disputes that are to this day still unresolved. 2 of them stem from my personal information being stolen from the PayPal site. Others are from casual buys from people on forums or just buying in general. Basically if you use PayPal to purchase anything out of ebay, they will not stand beside your purchase. Or so I was told at that time (this was several years ago).

__________________
AJ

1985 300D (SOLD)